{"id":208683,"date":"2025-03-14T09:21:28","date_gmt":"2025-03-14T14:21:28","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/03\/microsoft-apologizes-for-removing-vscode-extensions-used-by-millions"},"modified":"2025-03-14T09:21:28","modified_gmt":"2025-03-14T14:21:28","slug":"microsoft-apologizes-for-removing-vscode-extensions-used-by-millions","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/03\/microsoft-apologizes-for-removing-vscode-extensions-used-by-millions","title":{"rendered":"Microsoft apologizes for removing VSCode extensions used by millions"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/microsoft-apologizes-for-removing-vscode-extensions-used-by-millions.jpg\"><\/a><\/p>\n<p>Microsoft has reinstated the \u2018Material Theme \u2013 Free\u2019 and \u2018Material Theme Icons \u2013 Free\u2019 extensions on the Visual Studio Marketplace after finding that the obfuscated code they contained wasn\u2019t actually malicious.<\/p>\n<p>The two VSCode extensions, which count over 9 million installs, were pulled from the VSCode Marketplace in late February over security risks, and their publisher, Mattia Astorino (aka \u2018equinusocio\u2019) was banned from the platform.<\/p>\n<p>\u201cA member of the community did a deep security analysis of the extension and found multiple red flags that indicate malicious intent and reported this to us,\u201d <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/vscode-extensions-with-9-million-installs-pulled-over-security-risks\/\" target=\"_blank\" rel=\"nofollow noopener\">stated a Microsoft employee at the time<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft has reinstated the \u2018Material Theme \u2013 Free\u2019 and \u2018Material Theme Icons \u2013 Free\u2019 extensions on the Visual Studio Marketplace after finding that the obfuscated code they contained wasn\u2019t actually malicious. The two VSCode extensions, which count over 9 million installs, were pulled from the VSCode Marketplace in late February over security risks, and their [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1635,1492],"tags":[],"class_list":["post-208683","post","type-post","status-publish","format-standard","hentry","category-materials","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/208683","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=208683"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/208683\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=208683"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=208683"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=208683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}